1. Field of the Invention
The present invention relates to a method for authentication of a user on the basis of his/her voice profile, particularly with the use of a mobile phone. Furthermore, the invention relates to a subscriber's identification module or SIM card for controlling such a method.
2. The Prior Art
Voice portals are gaining increasing significance. Because of the further development of speech recognition technology and because of the competition on this sector, call center services are being increasingly automated. Banks offer account status information, stock trading, and transfers via voice portal. Telecommunications providers make the Internet accessible by voice, via so-called Voice XML (extensible markup language).
For many services, the user must first prove his/her identity, i.e. must authenticate himself/herself. Conventional authentication by way of a secret number or a password, usually referred to as a PIN (Personal Identification Number), creates problems. These problems are created particularly if the service is used infrequently, if the user forgets his/her PIN, and consequently does not use the service, or if the user does not like to use the service, because of complicated PIN re-set procedures. Furthermore, there is the not insignificant security risk that an unauthorized third party will spy out the PIN and will gain access to the services of the aforementioned type, in place of the authorized user. Therefore voice service providers are beginning to authenticate the user by way of his/her voice profile. This form of authentication, referred to as voice authentication hereinafter, has obvious advantages with regard to the aspect of user acceptance. The user no longer needs to remember any secret data. He/she is guided through a short authentication dialog in the conversation with the computer that he/she has to conduct in any case. Subsequently the user receives access to the appropriate service, depending on the result of the voice check.
Fundamentally, there is the possibility of using the mobile phone terminal (handset), something that a user generally has, for utilizing the voice services and for a related voice authentication. However, the mobile phone does not offer a uniform voice transmission quality. In the case of weak field intensity, voices can be distorted and interference noises can be generated. Voice recognition, i.e. a check of characteristic voice characteristics for authentication, reacts to this distortion and noise more sensitively than speech recognition, i.e. the recognition of spoken information. Field tests show a relatively high so-called False Rejection Rate (false rejection of an authentic user) in mobile phone networks, and this high False Rejection Rate makes the use of mobile phone terminals for voice authentication questionable, in general.
Aside from the usual approach of obtaining a voice profile of the user on the provider side, from the transmitted voice signal, and comparing it with the reference voice profile of the user, another approach is also known. In this approach, the reference voice profile is stored on the subscriber's identification module or SIM card of the mobile phone terminal and the check algorithm is allowed to run on this SIM card. However, in view of the common memory space on SIM cards, great losses with regard to the quality of the reference voice profile and the check algorithm must be accepted. These losses in turn lead to high error rates and therefore make practical use fundamentally questionable.